From a2e79d8864865e335559f238ff00b8c68d825475 Mon Sep 17 00:00:00 2001 From: hoitih <10838836+hoitih@users.noreply.github.com> Date: Thu, 19 May 2022 23:50:19 +0200 Subject: [PATCH 1/8] When non-admin users use code search, get code unit accessible repos in one main query --- models/issue.go | 4 +- models/lfs.go | 5 +- models/org.go | 3 +- models/repo_list.go | 62 +++++++++++----- routers/web/explore/code.go | 143 ++++++++++++++---------------------- 5 files changed, 109 insertions(+), 108 deletions(-) diff --git a/models/issue.go b/models/issue.go index c344998b90e52..302e9c112b249 100644 --- a/models/issue.go +++ b/models/issue.go @@ -1375,7 +1375,7 @@ func issuePullAccessibleRepoCond(repoIDstr string, userID int64, org *organizati cond = cond.And( builder.Or( userOwnedRepoCond(userID), // owned repos - userCollaborationRepoCond(repoIDstr, userID), // collaboration repos + userAccessRepoCond(repoIDstr, userID), // collaboration repos userAssignedRepoCond(repoIDstr, userID), // user has been assigned accessible public repos userMentionedRepoCond(repoIDstr, userID), // user has been mentioned accessible public repos userCreateIssueRepoCond(repoIDstr, userID, isPull), // user has created issue/pr accessible public repos @@ -1444,7 +1444,7 @@ func GetRepoIDsForIssuesOptions(opts *IssuesOptions, user *user_model.User) ([]i opts.setupSessionNoLimit(sess) - accessCond := accessibleRepositoryCondition(user) + accessCond := accessibleRepositoryCondition(user, unit.TypeInvalid) if err := sess.Where(accessCond). Distinct("issue.repo_id"). Table("issue"). diff --git a/models/lfs.go b/models/lfs.go index 037ed8556b758..dd799bd5fee73 100644 --- a/models/lfs.go +++ b/models/lfs.go @@ -11,6 +11,7 @@ import ( "code.gitea.io/gitea/models/db" repo_model "code.gitea.io/gitea/models/repo" + "code.gitea.io/gitea/models/unit" user_model "code.gitea.io/gitea/models/user" "code.gitea.io/gitea/modules/lfs" "code.gitea.io/gitea/modules/log" @@ -142,7 +143,7 @@ func LFSObjectAccessible(user *user_model.User, oid string) (bool, error) { count, err := db.GetEngine(db.DefaultContext).Count(&LFSMetaObject{Pointer: lfs.Pointer{Oid: oid}}) return count > 0, err } - cond := accessibleRepositoryCondition(user) + cond := accessibleRepositoryCondition(user, unit.TypeInvalid) count, err := db.GetEngine(db.DefaultContext).Where(cond).Join("INNER", "repository", "`lfs_meta_object`.repository_id = `repository`.id").Count(&LFSMetaObject{Pointer: lfs.Pointer{Oid: oid}}) return count > 0, err } @@ -173,7 +174,7 @@ func LFSAutoAssociate(metas []*LFSMetaObject, user *user_model.User, repoID int6 newMetas := make([]*LFSMetaObject, 0, len(metas)) cond := builder.In( "`lfs_meta_object`.repository_id", - builder.Select("`repository`.id").From("repository").Where(accessibleRepositoryCondition(user)), + builder.Select("`repository`.id").From("repository").Where(accessibleRepositoryCondition(user, unit.TypeInvalid)), ) err = sess.Cols("oid").Where(cond).In("oid", oids...).GroupBy("oid").Find(&newMetas) if err != nil { diff --git a/models/org.go b/models/org.go index 1efa0504eab60..0329933d3a9f6 100644 --- a/models/org.go +++ b/models/org.go @@ -14,6 +14,7 @@ import ( "code.gitea.io/gitea/models/organization" access_model "code.gitea.io/gitea/models/perm/access" repo_model "code.gitea.io/gitea/models/repo" + "code.gitea.io/gitea/models/unit" user_model "code.gitea.io/gitea/models/user" "xorm.io/builder" @@ -54,7 +55,7 @@ func GetUserOrgsList(user *user_model.User) ([]*MinimalOrg, error) { Join("LEFT", builder. Select("id as repo_id, owner_id as repo_owner_id"). From("repository"). - Where(accessibleRepositoryCondition(user)), "`repository`.repo_owner_id = `team`.org_id"). + Where(accessibleRepositoryCondition(user, unit.TypeInvalid)), "`repository`.repo_owner_id = `team`.org_id"). Where("`team_user`.uid = ?", user.ID). GroupBy(groupByStr) diff --git a/models/repo_list.go b/models/repo_list.go index 4b76cbc08b3b8..906803b509bee 100644 --- a/models/repo_list.go +++ b/models/repo_list.go @@ -282,8 +282,8 @@ func teamUnitsRepoCond(id string, userID, orgID, teamID int64, units ...unit.Typ )) } -// userCollaborationRepoCond returns user as collabrators repositories list -func userCollaborationRepoCond(idStr string, userID int64) builder.Cond { +// userAccessRepoCond returns a condition for selecting all repositories a user has access to +func userAccessRepoCond(idStr string, userID int64) builder.Cond { return builder.In(idStr, builder.Select("repo_id"). From("`access`"). Where(builder.And( @@ -293,6 +293,17 @@ func userCollaborationRepoCond(idStr string, userID int64) builder.Cond { ) } +// userCollaborationRepoCond returns a condition for selecting all repositories a user is collaborator in +func userCollaborationRepoCond(idStr string, userID int64) builder.Cond { + return builder.In(idStr, builder.Select("repo_id"). + From("`collaboration`"). + Where(builder.And( + builder.Eq{"`collaboration`.user_id": userID}, + builder.Gt{"`collaboration`.mode": int(perm.AccessModeNone)}, + )), + ) +} + // userOrgTeamRepoCond selects repos that the given user has access to through team membership func userOrgTeamRepoCond(idStr string, userID int64) builder.Cond { return builder.In(idStr, userOrgTeamRepoBuilder(userID)) @@ -310,7 +321,13 @@ func userOrgTeamRepoBuilder(userID int64) *builder.Builder { func userOrgTeamUnitRepoBuilder(userID int64, unitType unit.Type) *builder.Builder { return userOrgTeamRepoBuilder(userID). Join("INNER", "team_unit", "`team_unit`.team_id = `team_repo`.team_id"). - Where(builder.Eq{"`team_unit`.`type`": unitType}) + Where(builder.Eq{"`team_unit`.`type`": unitType}). + And(builder.Gt{"`team_unit`.`access_mode`": int(perm.AccessModeNone)}) +} + +// userOrgTeamUnitRepoCond returns a condition to select repo ids where user's teams can access the special unit. +func userOrgTeamUnitRepoCond(idStr string, userID int64, unitType unit.Type) builder.Cond { + return builder.In(idStr, userOrgTeamUnitRepoBuilder(userID, unitType)) } // userOrgUnitRepoCond selects repos that the given user has access to through org and the special unit @@ -363,7 +380,7 @@ func SearchRepositoryCondition(opts *SearchRepoOptions) builder.Cond { if opts.Private { if opts.Actor != nil && !opts.Actor.IsAdmin && opts.Actor.ID != opts.OwnerID { // OK we're in the context of a User - cond = cond.And(accessibleRepositoryCondition(opts.Actor)) + cond = cond.And(accessibleRepositoryCondition(opts.Actor, unit.TypeInvalid)) } } else { // Not looking at private organisations and users @@ -409,7 +426,7 @@ func SearchRepositoryCondition(opts *SearchRepoOptions) builder.Cond { // 2. But we can see because of: builder.Or( // A. We have access - userCollaborationRepoCond("`repository`.id", opts.OwnerID), + userAccessRepoCond("`repository`.id", opts.OwnerID), // B. We are in a team for userOrgTeamRepoCond("`repository`.id", opts.OwnerID), // C. Public repositories in organizations that we are member of @@ -483,7 +500,7 @@ func SearchRepositoryCondition(opts *SearchRepoOptions) builder.Cond { } if opts.Actor != nil && opts.Actor.IsRestricted { - cond = cond.And(accessibleRepositoryCondition(opts.Actor)) + cond = cond.And(accessibleRepositoryCondition(opts.Actor, unit.TypeInvalid)) } if opts.Archived != util.OptionalBoolNone { @@ -570,7 +587,7 @@ func searchRepositoryByCondition(opts *SearchRepoOptions, cond builder.Cond) (db } // accessibleRepositoryCondition takes a user a returns a condition for checking if a repository is accessible -func accessibleRepositoryCondition(user *user_model.User) builder.Cond { +func accessibleRepositoryCondition(user *user_model.User, unitType unit.Type) builder.Cond { cond := builder.NewCond() if user == nil || !user.IsRestricted || user.ID <= 0 { @@ -590,13 +607,24 @@ func accessibleRepositoryCondition(user *user_model.User) builder.Cond { } if user != nil { + // 2. Be able to see all repositories that we have access to + // 3. Be able to see all repositories through team membership(s) + if unitType == unit.TypeInvalid { + // Regardless of UnitType + cond = cond.Or( + userAccessRepoCond("`repository`.id", user.ID), + userOrgTeamRepoCond("`repository`.id", user.ID), + ) + } else { + // For a specific UnitType + cond = cond.Or( + userAccessRepoCond("`repository`.id", user.ID), + userOrgTeamUnitRepoCond("`repository`.id", user.ID, unitType), + ) + } cond = cond.Or( - // 2. Be able to see all repositories that we have access to - userCollaborationRepoCond("`repository`.id", user.ID), - // 3. Repositories that we directly own + // 4. Repositories that we directly own builder.Eq{"`repository`.owner_id": user.ID}, - // 4. Be able to see all repositories that we are in a team - userOrgTeamRepoCond("`repository`.id", user.ID), // 5. Be able to see all public repos in private organizations that we are an org_user of userOrgPublicRepoCond(user.ID), ) @@ -641,18 +669,18 @@ func SearchRepositoryIDs(opts *SearchRepoOptions) ([]int64, int64, error) { // AccessibleRepoIDsQuery queries accessible repository ids. Usable as a subquery wherever repo ids need to be filtered. func AccessibleRepoIDsQuery(user *user_model.User) *builder.Builder { // NB: Please note this code needs to still work if user is nil - return builder.Select("id").From("repository").Where(accessibleRepositoryCondition(user)) + return builder.Select("id").From("repository").Where(accessibleRepositoryCondition(user, unit.TypeInvalid)) } -// FindUserAccessibleRepoIDs find all accessible repositories' ID by user's id -func FindUserAccessibleRepoIDs(user *user_model.User) ([]int64, error) { +// FindUserCodeAccessibleRepoIDs find all accessible repositories' ID by user's id +func FindUserCodeAccessibleRepoIDs(user *user_model.User) ([]int64, error) { repoIDs := make([]int64, 0, 10) if err := db.GetEngine(db.DefaultContext). Table("repository"). Cols("id"). - Where(accessibleRepositoryCondition(user)). + Where(accessibleRepositoryCondition(user, unit.TypeCode)). Find(&repoIDs); err != nil { - return nil, fmt.Errorf("FindUserAccesibleRepoIDs: %v", err) + return nil, fmt.Errorf("FindUserCodeAccesibleRepoIDs: %v", err) } return repoIDs, nil } diff --git a/routers/web/explore/code.go b/routers/web/explore/code.go index 41ca27782f967..5140ff0c24551 100644 --- a/routers/web/explore/code.go +++ b/routers/web/explore/code.go @@ -9,7 +9,6 @@ import ( "code.gitea.io/gitea/models" repo_model "code.gitea.io/gitea/models/repo" - "code.gitea.io/gitea/models/unit" "code.gitea.io/gitea/modules/base" "code.gitea.io/gitea/modules/context" code_indexer "code.gitea.io/gitea/modules/indexer/code" @@ -44,106 +43,78 @@ func Code(ctx *context.Context) { queryType := ctx.FormTrim("t") isMatch := queryType == "match" - var ( - repoIDs []int64 - err error - isAdmin bool - ) - if ctx.Doer != nil { - isAdmin = ctx.Doer.IsAdmin - } - - // guest user or non-admin user - if ctx.Doer == nil || !isAdmin { - repoIDs, err = models.FindUserAccessibleRepoIDs(ctx.Doer) - if err != nil { - ctx.ServerError("SearchResults", err) - return - } - } - - var ( - total int - searchResults []*code_indexer.Result - searchResultLanguages []*code_indexer.SearchResultLanguages - ) - - // if non-admin login user, we need check UnitTypeCode at first - if ctx.Doer != nil && len(repoIDs) > 0 { - repoMaps, err := repo_model.GetRepositoriesMapByIDs(repoIDs) - if err != nil { - ctx.ServerError("SearchResults", err) - return + if keyword != "" { + var ( + repoIDs []int64 + err error + isAdmin bool + ) + if ctx.Doer != nil { + isAdmin = ctx.Doer.IsAdmin } - rightRepoMap := make(map[int64]*repo_model.Repository, len(repoMaps)) - repoIDs = make([]int64, 0, len(repoMaps)) - for id, repo := range repoMaps { - if models.CheckRepoUnitUser(repo, ctx.Doer, unit.TypeCode) { - rightRepoMap[id] = repo - repoIDs = append(repoIDs, id) - } - } - - ctx.Data["RepoMaps"] = rightRepoMap - - total, searchResults, searchResultLanguages, err = code_indexer.PerformSearch(ctx, repoIDs, language, keyword, page, setting.UI.RepoSearchPagingNum, isMatch) - if err != nil { - if code_indexer.IsAvailable() { + // guest user or non-admin user + if ctx.Doer == nil || !isAdmin { + repoIDs, err = models.FindUserCodeAccessibleRepoIDs(ctx.Doer) + if err != nil { ctx.ServerError("SearchResults", err) return } - ctx.Data["CodeIndexerUnavailable"] = true - } else { - ctx.Data["CodeIndexerUnavailable"] = !code_indexer.IsAvailable() } - // if non-login user or isAdmin, no need to check UnitTypeCode - } else if (ctx.Doer == nil && len(repoIDs) > 0) || isAdmin { - total, searchResults, searchResultLanguages, err = code_indexer.PerformSearch(ctx, repoIDs, language, keyword, page, setting.UI.RepoSearchPagingNum, isMatch) - if err != nil { - if code_indexer.IsAvailable() { - ctx.ServerError("SearchResults", err) - return + + var ( + total int + searchResults []*code_indexer.Result + searchResultLanguages []*code_indexer.SearchResultLanguages + ) + + if (len(repoIDs) > 0) || isAdmin { + total, searchResults, searchResultLanguages, err = code_indexer.PerformSearch(ctx, repoIDs, language, keyword, page, setting.UI.RepoSearchPagingNum, isMatch) + if err != nil { + if code_indexer.IsAvailable() { + ctx.ServerError("SearchResults", err) + return + } + ctx.Data["CodeIndexerUnavailable"] = true + } else { + ctx.Data["CodeIndexerUnavailable"] = !code_indexer.IsAvailable() } - ctx.Data["CodeIndexerUnavailable"] = true - } else { - ctx.Data["CodeIndexerUnavailable"] = !code_indexer.IsAvailable() - } - loadRepoIDs := make([]int64, 0, len(searchResults)) - for _, result := range searchResults { - var find bool - for _, id := range loadRepoIDs { - if id == result.RepoID { - find = true - break + loadRepoIDs := make([]int64, 0, len(searchResults)) + for _, result := range searchResults { + var find bool + for _, id := range loadRepoIDs { + if id == result.RepoID { + find = true + break + } + } + if !find { + loadRepoIDs = append(loadRepoIDs, result.RepoID) } } - if !find { - loadRepoIDs = append(loadRepoIDs, result.RepoID) + + repoMaps, err := repo_model.GetRepositoriesMapByIDs(loadRepoIDs) + if err != nil { + ctx.ServerError("SearchResults", err) + return } - } - repoMaps, err := repo_model.GetRepositoriesMapByIDs(loadRepoIDs) - if err != nil { - ctx.ServerError("SearchResults", err) - return + ctx.Data["RepoMaps"] = repoMaps } - ctx.Data["RepoMaps"] = repoMaps + ctx.Data["Keyword"] = keyword + ctx.Data["Language"] = language + ctx.Data["queryType"] = queryType + ctx.Data["SearchResults"] = searchResults + ctx.Data["SearchResultLanguages"] = searchResultLanguages + ctx.Data["PageIsViewCode"] = true + + pager := context.NewPagination(total, setting.UI.RepoSearchPagingNum, page, 5) + pager.SetDefaultParams(ctx) + pager.AddParam(ctx, "l", "Language") + ctx.Data["Page"] = pager } - ctx.Data["Keyword"] = keyword - ctx.Data["Language"] = language - ctx.Data["queryType"] = queryType - ctx.Data["SearchResults"] = searchResults - ctx.Data["SearchResultLanguages"] = searchResultLanguages - ctx.Data["PageIsViewCode"] = true - - pager := context.NewPagination(total, setting.UI.RepoSearchPagingNum, page, 5) - pager.SetDefaultParams(ctx) - pager.AddParam(ctx, "l", "Language") - ctx.Data["Page"] = pager - ctx.HTML(http.StatusOK, tplExploreCode) } From 8d7263151f5cdbf0d1a9d3e4904479bf8b81b901 Mon Sep 17 00:00:00 2001 From: hoitih <10838836+hoitih@users.noreply.github.com> Date: Fri, 20 May 2022 09:46:46 +0200 Subject: [PATCH 2/8] Fixed typo's --- models/repo_list.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/models/repo_list.go b/models/repo_list.go index 906803b509bee..0d05a8cfec99e 100644 --- a/models/repo_list.go +++ b/models/repo_list.go @@ -607,7 +607,7 @@ func accessibleRepositoryCondition(user *user_model.User, unitType unit.Type) bu } if user != nil { - // 2. Be able to see all repositories that we have access to + // 2. Be able to see all repositories that we have direct access to // 3. Be able to see all repositories through team membership(s) if unitType == unit.TypeInvalid { // Regardless of UnitType @@ -618,7 +618,7 @@ func accessibleRepositoryCondition(user *user_model.User, unitType unit.Type) bu } else { // For a specific UnitType cond = cond.Or( - userAccessRepoCond("`repository`.id", user.ID), + userCollaborationRepoCond("`repository`.id", user.ID), userOrgTeamUnitRepoCond("`repository`.id", user.ID, unitType), ) } @@ -672,7 +672,7 @@ func AccessibleRepoIDsQuery(user *user_model.User) *builder.Builder { return builder.Select("id").From("repository").Where(accessibleRepositoryCondition(user, unit.TypeInvalid)) } -// FindUserCodeAccessibleRepoIDs find all accessible repositories' ID by user's id +// FindUserCodeAccessibleRepoIDs finds all at Code level accessible repositories' ID by the user's id func FindUserCodeAccessibleRepoIDs(user *user_model.User) ([]int64, error) { repoIDs := make([]int64, 0, 10) if err := db.GetEngine(db.DefaultContext). From 30550c3974f509cf2366d53f5c3523014d7b5c4a Mon Sep 17 00:00:00 2001 From: hoitih <10838836+hoitih@users.noreply.github.com> Date: Fri, 20 May 2022 09:53:31 +0200 Subject: [PATCH 3/8] Removed whitespace --- routers/web/explore/code.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/routers/web/explore/code.go b/routers/web/explore/code.go index 5140ff0c24551..48e195ea20560 100644 --- a/routers/web/explore/code.go +++ b/routers/web/explore/code.go @@ -61,7 +61,7 @@ func Code(ctx *context.Context) { return } } - + var ( total int searchResults []*code_indexer.Result From 9be48b31c268574ca68234940b35768590e5b46e Mon Sep 17 00:00:00 2001 From: hoitih <10838836+hoitih@users.noreply.github.com> Date: Tue, 24 May 2022 15:33:30 +0200 Subject: [PATCH 4/8] Modified some comments to match the changes --- models/issue.go | 2 +- models/repo_list.go | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/models/issue.go b/models/issue.go index 302e9c112b249..2bc42434e5851 100644 --- a/models/issue.go +++ b/models/issue.go @@ -1375,7 +1375,7 @@ func issuePullAccessibleRepoCond(repoIDstr string, userID int64, org *organizati cond = cond.And( builder.Or( userOwnedRepoCond(userID), // owned repos - userAccessRepoCond(repoIDstr, userID), // collaboration repos + userAccessRepoCond(repoIDstr, userID), // user can access repo in a unit independent way userAssignedRepoCond(repoIDstr, userID), // user has been assigned accessible public repos userMentionedRepoCond(repoIDstr, userID), // user has been mentioned accessible public repos userCreateIssueRepoCond(repoIDstr, userID, isPull), // user has created issue/pr accessible public repos diff --git a/models/repo_list.go b/models/repo_list.go index 0d05a8cfec99e..4391402164606 100644 --- a/models/repo_list.go +++ b/models/repo_list.go @@ -282,7 +282,7 @@ func teamUnitsRepoCond(id string, userID, orgID, teamID int64, units ...unit.Typ )) } -// userAccessRepoCond returns a condition for selecting all repositories a user has access to +// userAccessRepoCond returns a condition for selecting all repositories a user has unit independent access to func userAccessRepoCond(idStr string, userID int64) builder.Cond { return builder.In(idStr, builder.Select("repo_id"). From("`access`"). @@ -425,7 +425,7 @@ func SearchRepositoryCondition(opts *SearchRepoOptions) builder.Cond { builder.Neq{"owner_id": opts.OwnerID}, // 2. But we can see because of: builder.Or( - // A. We have access + // A. We have unit independent access userAccessRepoCond("`repository`.id", opts.OwnerID), // B. We are in a team for userOrgTeamRepoCond("`repository`.id", opts.OwnerID), @@ -607,7 +607,7 @@ func accessibleRepositoryCondition(user *user_model.User, unitType unit.Type) bu } if user != nil { - // 2. Be able to see all repositories that we have direct access to + // 2. Be able to see all repositories that we have unit independent access to // 3. Be able to see all repositories through team membership(s) if unitType == unit.TypeInvalid { // Regardless of UnitType From 42bb662bb8acf23cc604215d76996451856d5b4f Mon Sep 17 00:00:00 2001 From: hoitih <10838836+hoitih@users.noreply.github.com> Date: Mon, 30 May 2022 16:14:43 +0200 Subject: [PATCH 5/8] Removed unnecessary check for Access Mode in Collaboration table --- models/repo_list.go | 1 - 1 file changed, 1 deletion(-) diff --git a/models/repo_list.go b/models/repo_list.go index 4391402164606..ce4b0a720bafa 100644 --- a/models/repo_list.go +++ b/models/repo_list.go @@ -299,7 +299,6 @@ func userCollaborationRepoCond(idStr string, userID int64) builder.Cond { From("`collaboration`"). Where(builder.And( builder.Eq{"`collaboration`.user_id": userID}, - builder.Gt{"`collaboration`.mode": int(perm.AccessModeNone)}, )), ) } From 6592e1e106aa338dc9b57081691eaf695410f401 Mon Sep 17 00:00:00 2001 From: hoitih <10838836+hoitih@users.noreply.github.com> Date: Tue, 14 Jun 2022 21:37:42 +0200 Subject: [PATCH 6/8] Fixed some merged errors --- models/issues/issue.go | 16 ++-------------- models/repo/repo_list.go | 10 +++++----- routers/web/explore/code.go | 4 +--- 3 files changed, 8 insertions(+), 22 deletions(-) diff --git a/models/issues/issue.go b/models/issues/issue.go index 303c0772aeef8..76a0ea7d0cb55 100644 --- a/models/issues/issue.go +++ b/models/issues/issue.go @@ -1429,19 +1429,11 @@ func issuePullAccessibleRepoCond(repoIDstr string, userID int64, org *organizati } else { cond = cond.And( builder.Or( -<<<<<<< HEAD:models/issue.go - userOwnedRepoCond(userID), // owned repos - userAccessRepoCond(repoIDstr, userID), // user can access repo in a unit independent way - userAssignedRepoCond(repoIDstr, userID), // user has been assigned accessible public repos - userMentionedRepoCond(repoIDstr, userID), // user has been mentioned accessible public repos - userCreateIssueRepoCond(repoIDstr, userID, isPull), // user has created issue/pr accessible public repos -======= repo_model.UserOwnedRepoCond(userID), // owned repos - repo_model.UserCollaborationRepoCond(repoIDstr, userID), // collaboration repos + repo_model.UserAccessRepoCond(repoIDstr, userID), // user can access repo in a unit independent way repo_model.UserAssignedRepoCond(repoIDstr, userID), // user has been assigned accessible public repos repo_model.UserMentionedRepoCond(repoIDstr, userID), // user has been mentioned accessible public repos repo_model.UserCreateIssueRepoCond(repoIDstr, userID, isPull), // user has created issue/pr accessible public repos ->>>>>>> upstream/main:models/issues/issue.go ), ) } @@ -1507,11 +1499,7 @@ func GetRepoIDsForIssuesOptions(opts *IssuesOptions, user *user_model.User) ([]i opts.setupSessionNoLimit(sess) -<<<<<<< HEAD:models/issue.go - accessCond := accessibleRepositoryCondition(user, unit.TypeInvalid) -======= - accessCond := repo_model.AccessibleRepositoryCondition(user) ->>>>>>> upstream/main:models/issues/issue.go + accessCond := repo_model.AccessibleRepositoryCondition(user, unit.TypeInvalid) if err := sess.Where(accessCond). Distinct("issue.repo_id"). Table("issue"). diff --git a/models/repo/repo_list.go b/models/repo/repo_list.go index f04bfc03da733..a70fc8efd409a 100644 --- a/models/repo/repo_list.go +++ b/models/repo/repo_list.go @@ -269,7 +269,7 @@ func UserMentionedRepoCond(id string, userID int64) builder.Cond { ) } -// userAccessRepoCond returns a condition for selecting all repositories a user has unit independent access to +// UserAccessRepoCond returns a condition for selecting all repositories a user has unit independent access to func UserAccessRepoCond(idStr string, userID int64) builder.Cond { return builder.In(idStr, builder.Select("repo_id"). From("`access`"). @@ -290,8 +290,8 @@ func UserCollaborationRepoCond(idStr string, userID int64) builder.Cond { ) } -// userOrgTeamRepoCond selects repos that the given user has access to through team membership -func userOrgTeamRepoCond(idStr string, userID int64) builder.Cond { +// UserOrgTeamRepoCond selects repos that the given user has access to through team membership +func UserOrgTeamRepoCond(idStr string, userID int64) builder.Cond { return builder.In(idStr, userOrgTeamRepoBuilder(userID)) } @@ -414,7 +414,7 @@ func SearchRepositoryCondition(opts *SearchRepoOptions) builder.Cond { // A. We have unit independent access UserAccessRepoCond("`repository`.id", opts.OwnerID), // B. We are in a team for - userOrgTeamRepoCond("`repository`.id", opts.OwnerID), + UserOrgTeamRepoCond("`repository`.id", opts.OwnerID), // C. Public repositories in organizations that we are member of userOrgPublicRepoCondPrivate(opts.OwnerID), ), @@ -616,7 +616,7 @@ func AccessibleRepositoryCondition(user *user_model.User, unitType unit.Type) bu // Regardless of UnitType cond = cond.Or( UserAccessRepoCond("`repository`.id", user.ID), - userOrgTeamRepoCond("`repository`.id", user.ID), + UserOrgTeamRepoCond("`repository`.id", user.ID), ) } else { // For a specific UnitType diff --git a/routers/web/explore/code.go b/routers/web/explore/code.go index 48e195ea20560..03ffe671e3c47 100644 --- a/routers/web/explore/code.go +++ b/routers/web/explore/code.go @@ -6,8 +6,6 @@ package explore import ( "net/http" - - "code.gitea.io/gitea/models" repo_model "code.gitea.io/gitea/models/repo" "code.gitea.io/gitea/modules/base" "code.gitea.io/gitea/modules/context" @@ -55,7 +53,7 @@ func Code(ctx *context.Context) { // guest user or non-admin user if ctx.Doer == nil || !isAdmin { - repoIDs, err = models.FindUserCodeAccessibleRepoIDs(ctx.Doer) + repoIDs, err = repo_model.FindUserCodeAccessibleRepoIDs(ctx.Doer) if err != nil { ctx.ServerError("SearchResults", err) return From 26a895b3284fea0e55e94b778c81ecba4e3177d9 Mon Sep 17 00:00:00 2001 From: hoitih <10838836+hoitih@users.noreply.github.com> Date: Tue, 14 Jun 2022 21:54:39 +0200 Subject: [PATCH 7/8] Fixed linting error --- routers/web/explore/code.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/routers/web/explore/code.go b/routers/web/explore/code.go index 03ffe671e3c47..948407ffedf6f 100644 --- a/routers/web/explore/code.go +++ b/routers/web/explore/code.go @@ -5,12 +5,12 @@ package explore import ( - "net/http" repo_model "code.gitea.io/gitea/models/repo" "code.gitea.io/gitea/modules/base" "code.gitea.io/gitea/modules/context" code_indexer "code.gitea.io/gitea/modules/indexer/code" "code.gitea.io/gitea/modules/setting" + "net/http" ) const ( From dd8d7251ff951676089e4caebcd1f9d8314f9b14 Mon Sep 17 00:00:00 2001 From: hoitih <10838836+hoitih@users.noreply.github.com> Date: Tue, 14 Jun 2022 22:09:35 +0200 Subject: [PATCH 8/8] Fixed linting error --- routers/web/explore/code.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/routers/web/explore/code.go b/routers/web/explore/code.go index 948407ffedf6f..3afb2110d9abd 100644 --- a/routers/web/explore/code.go +++ b/routers/web/explore/code.go @@ -5,12 +5,13 @@ package explore import ( + "net/http" + repo_model "code.gitea.io/gitea/models/repo" "code.gitea.io/gitea/modules/base" "code.gitea.io/gitea/modules/context" code_indexer "code.gitea.io/gitea/modules/indexer/code" "code.gitea.io/gitea/modules/setting" - "net/http" ) const (